Legal
Privacy policy
How we collect, use, and protect your personal information.
Last updated: May 2026
Your data is encrypted
AES-256 at rest, TLS 1.3 in transit.
We never sell your data
No ads, no data brokers. Ever.
You own your data
Access, export, or delete anytime.
Spooint (“we”, “us”, or “our”) is committed to protecting your privacy. This policy explains what information we collect, how we use it, and the choices you have. By using our services, you agree to the practices described here.
Information We Collect
Personal information
When you create an account, we collect your name, email address, phone number, date of birth, and government-issued identification for KYC verification.
Financial information
We collect bank account details, transaction history, wallet balances, and payment information necessary to provide our services.
Device & usage data
We automatically collect device type, operating system, IP address, browser type, and usage patterns to improve our services and detect fraud.
How We Use Your Information
Providing services
To process transactions, manage your wallets, verify your identity, and deliver the financial services you request.
Security & fraud prevention
To monitor for suspicious activity, prevent unauthorized access, and protect your account and funds.
Improving our platform
To analyse usage patterns, fix bugs, develop new features, and enhance the overall user experience.
Communication
To send you transaction confirmations, security alerts, service updates, and respond to your support requests.
How We Share Your Information
Licensed financial partners
We share necessary information with our banking partners to facilitate transactions, currency conversions, and regulatory compliance.
Regulatory authorities
We may disclose information when required by law, regulation, or legal process, including anti-money laundering and tax reporting obligations.
Service providers
We work with trusted third-party providers for infrastructure, analytics, and customer support. They are bound by strict data protection agreements.
Data Storage & Security
Encryption
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Sensitive credentials are stored using industry-standard hashing.
Data residency
Your data is stored in secure, certified data centres. We comply with applicable data protection regulations in each jurisdiction we operate.
Retention
We retain your data for as long as your account is active and as required by regulatory obligations. You can request deletion at any time.
Your Rights
Access & portability
You can request a copy of all personal data we hold about you in a machine-readable format.
Correction
You can update or correct your personal information at any time through the app or by contacting support.
Deletion
You can request the deletion of your account and associated data, subject to regulatory retention requirements.
Objection & restriction
You can object to certain processing activities or request that we restrict how we use your data.